Activate subscription >
Add devices or upgrade >
Renew subscription >
Secure Hub >
Don’t have an account? Sign up >
< Products
< Resources
< Help
A new macOS infostealer, NukeChain (now Infiniti Stealer), uses fake CAPTCHA pages to trick users into running malicious commands.
Think you’re downloading from Google or Apple? 1,500+ fake app store sites look like the real thing, but push unvetted, cloned web-based casino apps.
A sprawling network of fake shops, all built for one purpose: to steal your payment details and personal data.
The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.
A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.
We found a fake Google Meet update that enrolls the victim's Windows PC in an attacker's device management system.
We uncovered a fake CleanMyMac site delivering SHub Stealer, a macOS infostealer that steals credentials and silently backdoors crypto wallets.
A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring.
Disguised as a security check, this fake Google alert uses browser permissions to harvest contacts, location data, and more.
Contributors
Threat Center
Podcast
Glossary
Scams